Openvpn on LXD 3.0.3

mispp · June 16, 2019, 9:20am

Do we have some official cookbook on how to deal with (unprivileged) containers and openvpn on LXD 3.0.3, aka what comes with ubuntu 18.04 lts?

Posts i’ve seen usually don’t work. Scripts found online are really outdated and with later versions of lxd/lxc this should be easier, no?

Anyhow, what i’ve tried is

raw.lxc: |-
    lxc.mount.entry = /dev/net/tun dev/net/tun none bind,create=file
    lxc.cgroup.devices.allow = c 10:200 rwm

[Service]
LimitNPROC=infinity

mispp · June 16, 2019, 9:25am

Actually, to answer my own question almost immediatelly after submitting:

[Service]
LimitNPROC=infinity

should be edited in systemctl edit openvpn-client@

This is what i missed in the published solutions and i edited it jus in openvpn@

stgraber · June 17, 2019, 4:58am

Also worth noting that /dev/net/tun is allowed in the default configuration, so no special config is needed for this.